Commit Graph

177 Commits

Author SHA1 Message Date
Michael Wilkerson 1b28b89439
Enhancement: Consul Compatibility Checking (#15818)
* add functions for returning the max and min Envoy major versions
- added an UnsupportedEnvoyVersions list
- removed an unused error from TestDetermineSupportedProxyFeaturesFromString
- modified minSupportedVersion to use the function for getting the Min Envoy major version. Using just the major version without the patch is equivalent to using `.0`

* added a function for executing the envoy --version command
- added a new exec.go file to not be locked to unix system

* added envoy version check when using consul connect envoy

* added changelog entry

* added docs change
2022-12-20 09:58:19 -08:00
Jared Kirschner 8991e116fe
docs: how to launch envoy when ACLs enabled (#15497) 2022-12-08 20:15:58 -05:00
Jared Kirschner 66e28f35f1
docs: clarify Vault CA provider permissions needed (#15478) 2022-12-03 09:17:33 -05:00
Chris Thain 6b477ceff8
Snapshot agent docs updates (#15504) 2022-11-22 06:13:13 -08:00
Derek Menteer 6fa8fa4fca
Fix issue with connect Envoy choosing incorrect TLS settings. (#15466)
This commit fixes a situation where the API TLS configuration
incorrectly influences the GRPC port TLS configuration for XDS.
2022-11-18 14:36:20 -06:00
cskh 435e16ecda
fix: clarifying error message when acquiring a lock in remote dc (#15394)
* fix: clarifying error message when acquiring a lock in remote dc

* Update website/content/commands/lock.mdx

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2022-11-16 15:27:37 -05:00
Dhia Ayachi 225ae55e83
Leadership transfer cmd (#14132)
* add leadership transfer command

* add RPC call test (flaky)

* add missing import

* add changelog

* add command registration

* Apply suggestions from code review

Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>

* add the possibility of providing an id to raft leadership transfer. Add few tests.

* delete old file from cherry pick

* rename changelog filename to PR #

* rename changelog and fix import

* fix failing test

* check for OperatorWrite

Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>

* rename from leader-transfer to transfer-leader

* remove version check and add test for operator read

* move struct to operator.go

* first pass

* add code for leader transfer in the grpc backend and tests

* wire the http endpoint to the new grpc endpoint

* remove the RPC endpoint

* remove non needed struct

* fix naming

* add mog glue to API

* fix comment

* remove dead code

* fix linter error

* change package name for proto file

* remove error wrapping

* fix failing test

* add command registration

* add grpc service mock tests

* fix receiver to be pointer

* use defined values

Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>

* reuse MockAclAuthorizer

* add documentation

* remove usage of external.TokenFromContext

* fix failing tests

* fix proto generation

* Apply suggestions from code review

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

* Apply suggestions from code review

Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>

* Apply suggestions from code review

* add more context in doc for the reason

* Apply suggestions from docs code review

Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>

* regenerate proto

* fix linter errors

Co-authored-by: github-team-consul-core <github-team-consul-core@hashicorp.com>
Co-authored-by: Matt Keeler <mkeeler@users.noreply.github.com>
Co-authored-by: Jared Kirschner <85913323+jkirschner-hashicorp@users.noreply.github.com>
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2022-11-14 15:35:12 -05:00
Derek Menteer b64972d486
Bring back parameter ServerExternalAddresses in GenerateToken endpoint (#15267)
Re-add ServerExternalAddresses parameter in GenerateToken endpoint

This reverts commit 5e156772f6
and adds extra functionality to support newer peering behaviors.
2022-11-08 14:55:18 -06:00
Iryna Shustava 2a25669b13
cli/sdk: Allow redirection to a different consul dns port (#15050) 2022-10-21 13:15:32 -06:00
Jared Kirschner db6364a68f
Merge pull request #15045 from hashicorp/docs/fix-recently-broken-links
Docs/fix recently broken links
2022-10-21 10:02:35 -04:00
Nitya Dhanushkodi 5e156772f6
Remove ability to specify external addresses in GenerateToken endpoint (#14930)
* Reverts "update generate token endpoint to take external addresses (#13844)"

This reverts commit f47319b7c6.
2022-10-19 09:31:36 -07:00
Jared Kirschner f59483bc9e docs: fix api docs anchor links 2022-10-18 12:53:53 -07:00
Iryna Shustava 5cd0ccfc75
Support auth method with snapshot agent [ENT] (#15020)
Port of hashicorp/consul-enterprise#3303
2022-10-17 15:57:48 -06:00
Iryna Shustava 4bc4ef135c
cli: Add -node-name flag to redirect-traffic command (#14933) 2022-10-12 11:53:41 -06:00
Bryce Kalow 6a09b284c9
website: fix broken links (#14943) 2022-10-11 09:58:52 -05:00
Bryce Kalow 85c1a33c42
website: content updates for developer (#14419)
Co-authored-by: Ashlee Boyer <ashlee.boyer@hashicorp.com>
Co-authored-by: Ashlee M Boyer <43934258+ashleemboyer@users.noreply.github.com>
Co-authored-by: Tu Nguyen <im2nguyen@gmail.com>
Co-authored-by: Tu Nguyen <im2nguyen@users.noreply.github.com>
Co-authored-by: HashiBot <62622282+hashibot-web@users.noreply.github.com>
Co-authored-by: Kevin Wang <kwangsan@gmail.com>
2022-09-14 17:45:42 -05:00
Evan Culver d0416f593c
connect: Bump latest Envoy to 1.23.1 in test matrix (#14573) 2022-09-14 13:20:16 -07:00
Krastin Krastev 0abb923d66
docs: licensing improvements (#14488)
Co-authored-by: Jeff Boruszak <104028618+boruszak@users.noreply.github.com>
2022-09-06 18:39:07 -07:00
DanStough e617e7df3e feat(cli): add initial peering cli commands 2022-09-01 17:20:13 -04:00
Jeff Boruszak e56fd9a45a docs: Additional feedback from PR #12971
This commit incorporates additional feedback received related to
PR #12971.
2022-08-30 11:14:53 -07:00
Austin Workman b6f2b6c94f Add support for S3 path based addressing 2022-08-29 14:46:02 -06:00
Jared Kirschner 08fcdad0f6
Merge pull request #13917 from hashicorp/docs/show-cli-cmd-options-before-general-options-2
docs: show CLI cmd-specific opts before general opts
2022-07-27 18:55:06 -04:00
Jared Kirschner 95c72164a4 docs: show CLI cmd-specific opts before general opts
Applied to all remaining CLI commands.
2022-07-27 15:50:51 -07:00
Jared Kirschner cd562564ba docs: show CLI cmd-specific opts before general opts
Applied to a single command (acl auth-method create).
2022-07-26 22:38:44 -07:00
Jared Kirschner 51f0a64b6b docs: remove unnecessary partition CLI cmd info 2022-07-25 15:31:39 -07:00
Jared Kirschner 6add1039b3 docs: adjust HTTP API/CLI characteristics tables 2022-07-25 15:31:39 -07:00
Jared Kirschner 903c71618a docs: remove partition subcommand usage headings 2022-07-25 15:31:38 -07:00
Jared Kirschner bfe79b7b34 docs: add partition command characteristics
Characteristics include:
- Required ACL permissions
- Corresponding HTTP API endpoint
- (Lack of) support for blocking queries and agent caching
2022-07-25 15:31:38 -07:00
cskh cf6b6dddaf
feat(cli): enable to delete config entry from an input file (#13677)
* feat(cli): enable to delete config entry from an input file

- A new flag to config delete to delete a config entry in a
  valid config file, e.g., config delete -filename
  intention-allow.hcl
- Updated flag validation; -filename and -kind can't be set
  at the same time
- Move decode config entry method from config_write.go to
  helpers.go for reusing ParseConfigEntry()
- add changelog

Co-authored-by: Dan Upton <daniel@floppy.co>
2022-07-11 10:13:40 -04:00
Kyle Havlovitz 340a234361 Update docs for prometheus TLS options 2022-06-27 09:33:27 -07:00
David Yu d870928197
docs: Use "error" to use standard log level value (#13507)
* docs: Use "error" to use standard log level value
2022-06-20 16:07:38 -07:00
Blake Covarrubias 4c0f840c89 docs: Clarify version restriction for snapshot restore
Clarify that Consul snapshots must be restored into clusters running
the same version as the cluster from where the snapshot was taken.
2022-05-10 10:50:37 -07:00
Jared Kirschner 05d1f59720
Merge pull request #12366 from hashicorp/docs/uri-decode-resource-names-for-http-api
Document API ability to URL-decode resource names
2022-05-10 11:54:38 -04:00
Jared Kirschner a5354b50fb Document API ability to URL-decode resource names
All Consul HTTP API endpoints now URL-decode resource names specified in the
path, enabling resource names containing URL-invalid characters to be used
in HTTP API requests if URL-encoded into the path.

Functionality implemented in Github Pull Requests:
- #11335
- #11957
- #12103
- #12190
- #12297

Also documents CLI accepting URL-invalid resource names.

All Consul HTTP API endpoints now URL-decode resource names specified in the
path, enabling resource names containing URL-invalid characters to be used
in HTTP API requests if URL-encoded into the path. The Consul HTTP API always
supported URL-decoding of query parameters.

The CLI automatically URL-encodes arguments which are inserted as resource
names in the URL path, enabling the CLI to also interact with resource names
that contain URL-invalid characters.
2022-05-10 08:45:58 -07:00
Blake Covarrubias a78015c5fd
docs: Redirect /docs/security/acl/acl-system (#12975)
/docs/security/acl/acl-system was renamed in e9a42df from PR #12460 to
/docs/security/acl. A corresponding redirect was not added for this
page, resulting in a 404 being returned when accessing the old URL
path.

This commit redirects the former URL path to the new location, and
also updates all links on the site to point to the new location.
2022-05-09 09:04:23 -07:00
Jared Kirschner 1da37d87b2 docs: use correct previous name of recovery token 2022-04-19 20:26:06 -07:00
Natalie Smith 0a51e145c1 docs: simplify agent docs slugs 2022-04-11 17:38:47 -07:00
Natalie Smith ddae7d18a2 docs: fix external links to agent config pages 2022-04-11 17:38:11 -07:00
Kyle Havlovitz 763f728df4 Add doc examples for expanded token read CLI and API 2022-03-31 15:03:41 -07:00
Bryce Kalow 6bf67b7ef4
website: redirect /api to /api-docs (#12660) 2022-03-30 16:16:26 -05:00
mrspanishviking 7180c99960
Revert "[Docs] Agent configuration hierarchy " 2022-03-15 16:13:58 -07:00
trujillo-adam 4151dc097a fixing merge conflicts part 3 2022-03-15 15:25:03 -07:00
trujillo-adam 9cc9122be8 fixed merge conflicts pt2 2022-03-15 14:01:24 -07:00
trujillo-adam 76d55ac2b4 merging new hierarchy for agent configuration 2022-03-14 15:44:41 -07:00
trujillo-adam 7e98a0dc7b fixing merge conflicts 2022-03-01 09:08:20 -08:00
Daniel Nephin 53ae4b3e2c debug: update CLI docs
To clarify how trace is captured.

Also remove the minimum seconds check, because that is already done in prepare()
2022-02-15 18:16:12 -05:00
mrspanishviking ed586ade37
Update website/content/commands/connect/redirect-traffic.mdx
Co-authored-by: Blake Covarrubias <blake.covarrubias@gmail.com>
2022-02-01 15:08:23 -07:00
Ricardo Oliveira c4ea922958
Update website/content/commands/connect/redirect-traffic.mdx
Co-authored-by: mrspanishviking <cardenas88karl@gmail.com>
2022-02-01 17:20:20 +00:00
Ricardo Oliveira db9c6acf04
Update redirect-traffic.mdx 2022-02-01 17:10:49 +00:00
Blake Covarrubias 2f291df412 docs: Clarify docs for providing multiple join addresses
Rephrase the comment about specifying multiple join addresses to
clarify that it pertains to joining a single cluster by attempting to
contact one or more nodes.
2022-01-26 13:11:51 -08:00
Blake Covarrubias f09aea524f Fix spelling errors 2022-01-20 08:54:23 -08:00
Blake Covarrubias 59394e4aa2 docs: Avoid redirects by pointing links to new URLs
Avoid HTTP redirects for internal site links by updating old URLs to
point to the new location for the target content.
2022-01-20 08:52:51 -08:00
Blake Covarrubias 82b88dbc6e docs: Link to supported config kinds in `config write`
Remove statement about service-defaults and proxy-defaults being the
only supported configuration entry types. Update the sentence to point
to the configuration entry documentation for a list of supported
types.
2022-01-19 15:19:05 -08:00
Blake Covarrubias f273cfdc67
docs: Use long form of CLI flags (#12030)
Use long form of CLI flags in all example commands.

Co-authored-by: mrspanishviking <kcardenas@hashicorp.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
2022-01-12 15:05:01 -08:00
Matt Siegel f8bb804d36
Merge branch 'main' into msiege2/docs-day 2022-01-11 16:16:41 -05:00
Matt Siegel 565bfce4ac Added some missing ACL info, updated details around some permissions, added missing HTTP API refs 2022-01-11 09:41:54 -05:00
Matt Siegel f7b1208fc3 Fixed absolute links to HTTP apis. 2022-01-11 08:26:58 -05:00
Natalie Smith 24c67f2dfa docs: simplify agent docs slugs 2022-01-10 17:37:18 -08:00
Natalie Smith 00c2444cfc docs: fix external links to agent config pages 2022-01-10 17:11:50 -08:00
Daniel Nephin 3b74497040 docs: move the ACL 'Authorization' section
This section was actually about authentication (not authorization).

We already have sections in our api and cli docs. This commit removes the section and replaces
it with a short paragraph in the Tokens section which links to the existing docs.
2022-01-10 17:10:39 -05:00
Matt Siegel 33933f8a33 Added ACL requirements for CLI commands 2022-01-10 16:44:56 -05:00
Matt Siegel bfb88306f6 Added Corresponding HTTP API Endpoints for every CLI command 2022-01-10 12:40:11 -05:00
Daniel Upton 0e5c1c349c Incorporate feedback from @jkirschner-hashicorp and @karl-cardenas-coding 2022-01-10 15:53:41 +00:00
Daniel Upton 021537c837 docs: call out `kv export` and the transaction API 2022-01-10 13:51:35 +00:00
Daniel Upton 2dc05b4017 docs: improve kv get examples
- Split examples into sections with headers
- Hide the clipboard on examples as the copied text isn't useful
- Format inline flags as code using backticks
2022-01-10 13:40:24 +00:00
Daniel Upton ce55cb70b8 docs: call out `kv import` and the transaction API 2022-01-10 12:30:28 +00:00
Daniel Upton 8630f03130 docs: improve read/scanability of kv put examples
- Split examples into sections with headers
- Hide the clipboard on examples as the copied text isn't useful
- Add an example of supplying data in a heredoc
- Move the flags section to the bottom to clearly separate it from CAS
  which also mentions "flags" of a different kind
- Slight re-wording for clarity
2022-01-10 12:15:59 +00:00
Daniel Upton c9c34d0e76 docs: fix placement of warning in kv put example 2022-01-10 11:40:25 +00:00
Blake Covarrubias e898cf1d41
cli: Show node identities in acl token list output (#11926)
Fix the pretty CLI output of `consul acl token list` so that it
properly displays node identities that are associated with a token.
2022-01-04 12:44:43 -08:00
Blake Covarrubias 09cc3338d4
Document /v1/agent/force-leave prune and wan params (#11886)
Document prune parameter added in #6571 and wan parameter added in
#11722.

Co-authored-by: Freddy <freddygv@users.noreply.github.com>
2021-12-20 15:56:13 -08:00
Freddy 77892c1fcc
Remove beta notice from cli doc (#11878) 2021-12-17 09:52:59 -08:00
Mark Anderson 9806b7c268
Website fixups for admin partitions (#11842)
* Website fixups for admin partitions

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-12-14 17:55:21 -08:00
Freddy 0913644141
Update stray ref to old admin-partition cmd (#11797) 2021-12-09 19:10:01 -07:00
Freddy ff1e71efec
Merge pull request #11682 from hashicorp/ap/renames 2021-12-03 17:35:38 -07:00
Dan Upton bf56a2c495
Rename `agent_master` ACL token in the API and CLI (#11669) 2021-12-02 17:05:27 +00:00
freddygv 7efe3d8c77 Rename partition CLI command 2021-11-29 12:20:51 -07:00
Daniel Nephin a631378008
Merge pull request #11468 from hashicorp/dnephin/acl-docs-namespace-rules
docs: update docs about namespace default policy/role
2021-11-26 14:00:30 -05:00
Daniel Nephin 7bfe50a914 docs: update docs about namespace default policy/role
To include details about the permissions the ACL token must have to perform the request.
2021-11-26 13:47:45 -05:00
trujillo-adam 3ffa05495e
Merge pull request #11307 from hashicorp/docs/admin-partitions-cli-v1.11.0
admin partition docs part 1 - cli
2021-11-02 14:44:43 -07:00
Daniel Upton d47b7311b8
Support Check-And-Set deletion of config entries (#11419)
Implements #11372
2021-11-01 16:42:01 +00:00
trujillo-adam 138f9f31e6
Apply suggestions from code review
fixed typos

Co-authored-by: Blake Covarrubias <blake@covarrubi.as>
2021-11-01 08:08:04 -07:00
Chris S. Kim ff6a33511e
docs: Document datacenter limitations for admin partitions (#11425) 2021-10-26 15:35:39 -04:00
Karl Cardenas 8e1bfbae56
docs: added deprecation message to CLI command intentions overview page 2021-10-21 10:29:23 -07:00
trujillo-adam 12473899c7 applying cfeedback left in comments 2021-10-19 16:19:40 -07:00
trujillo-adam b1d73bee0a
Apply suggestions from code review
Applying some of the feedback from review

Co-authored-by: Freddy <freddygv@users.noreply.github.com>
Co-authored-by: David Yu <dyu@hashicorp.com>
2021-10-19 15:27:23 -07:00
trujillo-adam 44fd6b6638
Update website/content/commands/admin-partition.mdx
Co-authored-by: David Yu <dyu@hashicorp.com>
2021-10-19 13:36:43 -07:00
trujillo-adam d3e3d70fbd admin partition docs part 1 - cli 2021-10-13 15:37:01 -07:00
Evan Culver df4bc6a924
Update default version in command docs 2021-10-01 11:13:34 -07:00
Freddy 8d83d27674
connect: update envoy supported versions to latest patch release
(#10961)

Relevant advisory: 
https://github.com/envoyproxy/envoy/security/advisories/GHSA-6g4j-5vrw-2m8h
2021-08-31 10:39:18 -06:00
Daniel Nephin 26ef0df458 docs: update CLI reference docs for debug
the cluster target was renamed to members.
2021-08-18 12:29:34 -04:00
Blake Covarrubias 8aa89c2c12
docs: Clarify ingress gateway's -address flag (#10810)
Clarify the function of `-address` flag when instantiating an ingress
gateway.

Resolves #9849

Co-authored-by: trujillo-adam <47586768+trujillo-adam@users.noreply.github.com>
2021-08-12 14:56:07 -07:00
Mark Anderson d3cebbd32c
Fixup to support unix domain socket via command line (#10758)
Missed the need to add support for unix domain socket config via
api/command line. This is a variant of the problems described in
it is easy to drop one.

Signed-off-by: Mark Anderson <manderson@hashicorp.com>
2021-08-12 10:05:22 -07:00
Blake Covarrubias 99b1d8ed8c docs: Update code blocks across website
* Use CodeTabs for examples in multiple formats.
* Ensure correct language on code fences.
* Use CodeBlockConfig for examples with filenames, or which need
highlighted content.
2021-08-11 13:20:03 -07:00
Blake Covarrubias 17e18df81e
docs: Document supported `consul connect` env vars (#10667)
Document the ability to specify `-sidecar-for` and `-proxy-id` flags
via environment variables.
2021-08-02 12:50:51 -07:00
Blake Covarrubias 26738ac65e docs: Add version callout for `kv import -prefix`
Add a sentence stating the version of Consul that introduced the
`-prefix` option for `consul kv import`.

Resolves #10172
2021-07-26 09:45:24 -07:00
Blake Covarrubias 832896ed11 docs: Fix spelling errors across website 2021-07-19 14:29:54 -07:00
Iryna Shustava 95305881ce
cli/sdk: Allow applying redirect-traffic rules in a provided Linux namespace (#10564) 2021-07-13 10:05:48 -06:00
Matt Keeler 76857dd682
Update 1.10 enterprise upgrade docs. (#10446)
Co-authored-by: Paul Banks <banks@banksco.de>
Co-authored-by: Ashwin Venkatesh <ashwin@hashicorp.com>
2021-06-22 14:39:11 -04:00
Dhia Ayachi 005ad9e46d
generate a single debug file for a long duration capture (#10279)
* debug: remove the CLI check for debug_enabled

The API allows collecting profiles even debug_enabled=false as long as
ACLs are enabled. Remove this check from the CLI so that users do not
need to set debug_enabled=true for no reason.

Also:
- fix the API client to return errors on non-200 status codes for debug
  endpoints
- improve the failure messages when pprof data can not be collected

Co-Authored-By: Dhia Ayachi <dhia@hashicorp.com>

* remove parallel test runs

parallel runs create a race condition that fail the debug tests

* snapshot the timestamp at the beginning of the capture

- timestamp used to create the capture sub folder is snapshot only at the beginning of the capture and reused for subsequent captures
- capture append to the file if it already exist

* Revert "snapshot the timestamp at the beginning of the capture"

This reverts commit c2d03346

* Refactor captureDynamic to extract capture logic for each item in a different func

* snapshot the timestamp at the beginning of the capture

- timestamp used to create the capture sub folder is snapshot only at the beginning of the capture and reused for subsequent captures
- capture append to the file if it already exist

* Revert "snapshot the timestamp at the beginning of the capture"

This reverts commit c2d03346

* Refactor captureDynamic to extract capture logic for each item in a different func

* extract wait group outside the go routine to avoid a race condition

* capture pprof in a separate go routine

* perform a single capture for pprof data for the whole duration

* add missing vendor dependency

* add a change log and fix documentation to reflect the change

* create function for timestamp dir creation and simplify error handling

* use error groups and ticker to simplify interval capture loop

* Logs, profile and traces are captured for the full duration. Metrics, Heap and Go routines are captured every interval

* refactor Logs capture routine and add log capture specific test

* improve error reporting when log test fail

* change test duration to 1s

* make time parsing in log line more robust

* refactor log time format in a const

* test on log line empty the earliest possible and return

Co-authored-by: Freddy <freddygv@users.noreply.github.com>

* rename function to captureShortLived

* more specific changelog

Co-authored-by: Paul Banks <banks@banksco.de>

* update documentation to reflect current implementation

* add test for behavior when invalid param is passed to the command

* fix argument line in test

* a more detailed description of the new behaviour

Co-authored-by: Paul Banks <banks@banksco.de>

* print success right after the capture is done

* remove an unnecessary error check

Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>

* upgraded github.com/google/pprof v0.0.0-20181206194817-3ea8567a2e57 => v0.0.0-20210601050228-01bbb1931b22

Co-authored-by: Daniel Nephin <dnephin@hashicorp.com>
Co-authored-by: Freddy <freddygv@users.noreply.github.com>
Co-authored-by: Paul Banks <banks@banksco.de>
2021-06-07 13:00:51 -04:00
Matt Keeler af3ffdf4c8
Add license inspect command documentation and changelog (#10351)
Also reformatted another changelog entry.
2021-06-04 14:33:13 -04:00